How to make BitTorrent Transfers Anonymous

The Swedish Pirate Party introduced a completely anonymous internet service called relakks. Relakks makes it possible to browse the web, and use p2p-applications (like BitTorrent) without being monitored by your ISP or anti-piracy gangs like the MPAA and RIAA.

“There are many legitimate reasons to want to be completely anonymous on the Internet,” says Rickard Falkvinge, chairman of the Pirate Party. “If the government can check everything each citizen does, nobody can keep the government in check. The right to exchange information in private is fundamental to the democratic society. Without a safe and convenient way of accessing the Internet anonymously, this right is rendered null and void.

Subscriptions cost EUR 5.00 per month or EUR 50.00 for 12 months

Read More

Start your own BitTorrent tracker

To the novice, setting up a BitTorrent tracker is a hugely complex task. Within minutes of making the decision to even attempt such a thing, it becomes crystal clear that without specialist coding knowledge the project is doomed to fail, probably before it even starts. In order for BitTorrent tracker ownership to be accessible to all, the technical roadblocks need to be overcome.

The team behind XBTIT (previously BTiTracker) are hoping to achieve just that with their latest beta version.

XBTIT enables potential site administrators to quickly and easily set up their own BitTorrent tracker, something that was previously only available to people with some coding skills.

In order to make the process as user-friendly as possible, the team are offering some major upgrades and features:
Optional SMF Forum Integration

SMF is a fully featured bulletin board system which is very easy to set up. Downloaded and installed separately, user accounts are fully integrated with XBTIT after installation so there is no need for multiple log ins.
Optional XBT Tracker Integration

XBT Tracker is a BitTorrent tracker written in C++. The advantages of using this is that you can have many more peers than a traditional PHP based tracker while consuming very few resources on your server, making ownership of a very large tracker a reality.
One Click Hack/Modification Installation

All the best trackers have great modifications designed to bring additional functionality to the site. However, installing these can still be quite a task for the experienced - and absolutely mind-blowing for the novice. XBTIT offers One-Click-Hack which means no more having to hack away at lines of code to install the latest modifications for your tracker. An automated system for hack installation is included which is great news for the novice.
Fully Customizable Template System

This means there is no requirement to hack away at code to change the look of your site. Templates are now totally separate from the tracker source so it’s possible to tinker with the look of the site without worrying about breaking anything. New templates will be available with the final version of the software.
Updated Installation Routine

The new installation routine takes care of everything that previously had to be done by hand, saving much time when installing a new tracker.

The XBTIT team told us they are proud to be leading the way with what they believe is the most customizable and accessible tracker to date, and they are inviting any interested TorrentFreak readers to apply for beta testing at www.btiteam.org

Read More

How To Encrypt BitTorrent Traffic

The list of ISP’s that limit BitTorrent traffic, or plan to do so is growing every day, and according to the BBC, the ‘bandwidth war’ has begun.

Are you not sure if your traffic is being throttled Check the list of bad ISP’s.

But there is a solution. Encrypting your torrents will prevent throttling ISP’s from shaping your traffic. I will explain how to enable encryption in Azureus, uTorrent, and Bitcomet, the three most popular torrent clients.

What does encryption Do?

The RC4 encryption obfuscates not only the header but the entire stream. This means that it’s very hard for your ISP to detect that the traffic you are generating comes from BitTorrent.

Note that RC4 uses more CPU time than the plain encryption or no encryption. It is however harder to identify for traffic shaping devices

How can I do this?

This is different for all clients; check the setting for your favorite client below.

Azureus

azureus bit torrent

1. Go to: Tools > Options > Connection > Transport Encryption

2. Check the ‘require encrypted transport’ box.

3. Choose RC4 in the ‘minimum encryption’ dropdown box

note that RC4 uses more CPU time than the plain encryption or no encryption. It is however harder to identify for traffic shaping devices
4. You can choose to tick the ‘Allow non-encrypted outgoing connections if encrypted connection attempt fails’ box. This will ensure compatibility with clients that are not using encryption. However, it makes it easier for your ISP to detect BitTorrent traffic. I recommend that you try to tick this box first. If you are still not getting proper speeds untick it

5. Tick the ‘Allow non-encrypted incoming connections’ box

azureus bit torrent

That’s it, your BitTorrent traffic is encrypted now.

Bitcomet

bitcomet bit torrent

1. Go to: Options > Preferences > Advanced > Connection

2. Go to: ‘Protocol encryption’ You can choose between ‘auto detect’ and ‘always’. Auto detect will give you more connections but offers less protection against traffic shapers.

I would recommend to try auto detect first, if that doesn’t increase your speeds you need to switch to always

bitcomet bit torrent

That’s it, your BitTorrent traffic is encrypted now.

uTorrent

utorrent bit torrent

1. Go to: Options > Preferences > BitTorrent

2. Go to ‘Protocol encryption’, you can choose between ‘enabled’ and ‘forced’. ‘Enabled’ will give you more connections but offers less protection against traffic shapers.

I would recommend to try ‘enabled’ first, if that doesn’t increase your speeds you need to swich to ‘forced’.

3. Ticking ‘Allow legacy incoming connections’ allows non ecrypted clients to connect to you. This improves compatibility between clients but makes you more vulnerable to traffic shapers.

I would recommend to tick this box, but if that doesn’t increase your speeds, untick it!

utorrent bit torrent

That’s it, your BitTorrent traffic is encrypted now.

Read More

Speed Up Your BitTorrent Transfers by 500 times

Have you ever wondered if it’s truly possible to be able to download up to 500% faster then you currently are? If it’s actually possible to increase your download speeds?… Well truth is that it’s very easy to optimize and tweak your Torrent Client so that you can boost and increase download speeds by up to 500% faster.


Just for today, you can get this great product for just $17!!

Truth is, lots of people are interested in paying for free stuff, offered by sites such as highspeedtorrent.com. This site uses lots of flashy talk to trick the BitTorrent novice into believing that it holds the secrets to super-fast torrents - but it in the end it charges each person $17 for a few guides, easily available for free right here on TorrentFreak.

But surely not many people fall for paying for this sort of ’service’? Well, in fact, that’s an emphatic YES, unfortunately they do. Even with sales talk like this:

Never Again Will A Sale So Kick Ass, So Downright Brilliant, So Disgustingly Good, So Nauseatingly Appealing , And So Unbelievably Cheap, Will Ever Happen Again.

The owner of High Speed Torrent is looking to sell his site and quite profitable it seems too, at a claimed $4000 takings each month. Maybe it’s an over-estimate by an enthusiastic admin in order to get a better return - after all, surely you can’t make money from freely available guides?

Take a look at High Speed Torrent’s PayPal payments received account, hosted on their own site for the benefit of prospective buyers - you decide if it’s profitable or not.

In the meantime, help yourself to some of our guides, hints and tips. There’s 20 more of the best right here.

Read More

Speed up your torrents

1. Cap your upload (most important)

Limit your upload speed to approximately 80 percent of your maximum upload rate. You can check your upload speed over here (never trust your isp). Once you know your maximum upload speed, change the max upload (to 80%) speed in your torrent client’s preferences.

Don’t get me wrong, everyone should share as much as possible, but if your upload rate reached it’s max, your download rate suffers significantly.

2. Hack the max TCP connections

If you’re on XP sp2, your TCP connections are limited to a maximum of 10. This seriously hurts your downloading speed because it wont let you connect to a high amount of ip numbers. It is supposed to slow down viruses because their spreading strategy is to connect to a high amount of ip numbers, but it also cripples your torrent downloads.
A nice way to fix this is to download this patch, it allows you to set the maximum allowed connections to any number you want. Any number between 50 and 100 is ok (more on this).

3. Check seeds and peers

A simple tip, but o so important. Always look for torrents with the best seed/peer ratio. The more seeds (compared to peers) the better (in general). So 50 seeds and 50 peers is better than 500 seeds and 1000 peers. So, be selective.

4. Change the default port.

By default, BitTorrent uses a port 6881-6999. BitTorrent accounts for a lot of the total internet traffic (1/3), so isp’s like to limit the connection offered on the these ports. So, you should change these to another range. Good clients allow you to do this, just choose anything you like. If you’re behind a router, make sure you have the ports forwarded or UPnP enabled.

5. Disable Windows Firewall

It sucks. Windows Firewall hates P2P and often leads a life of it’s own. So disable it and get yourself a decent firewall, Kerio or Zone Alarm for example.

Last but not least… Buy a faster connection…

Read More

VLC Player Vulnerable to Remote Hijack

VLC Player, one of the best and most widely used media players has found to be vulnerable to a remote hijack. The reported vulnerability makes it possible for a malicious user to run arbitrary code, potentially taking remote control of the host machine.

VLC is a popular media player among BitTorrent users. Not just for the fact that it is free, also because it includes a huge number of the video codecs, so it can play virtually every video file available.

Unfortunately, the latest versions of VLC have a security flaw according to a report from Luigi Auriemma. The vulnerability can be exploited to compromise a user’s system, as it leaves it wide open for a malicious user to run arbitrary code.

The problem occurs when a someone loads a subtitle file, which causes a buffer overflow that can be exploited. The security flaw is platform independent, which means it affects Windows, Mac and Linux users.

Initially it was reported that the flaws in version 0.8.6d were fixed in the latest release, but this turns out not to be the case. Auriemma writes: “The old buffer-overflow in the subtitles handled by VLC has not been fully patched in version 0.8.6e.”

“The funny thing is that my old proof-of-concept was built just to test this specific buffer-overflow and in fact it works on the new VLC version too without modifications,” he adds.

For now, the only solutions are not to run any subtitle files, or to grab one of the nightly builds. The downside is, however, that these might not be as stable as the regular releases.

Read More

Useful Hacking Tricks

Getting Ip's:--

To see the ip all computers you are connected to (web servers, people attempting to hack into your computer).
Go to dos (start>run>type command) and run the netstat command. Type netstat /? for details.
Type netstat -r at the command prompt to see the ip of all computers you are connected to

In MSN (and other programs) when you are chatting to someone everything you type goes through the MSN servers first (they act as a proxy) so you see their ip rather than who you are chatting to. You can get round this by sending them a file as MSN doesn't send file through its proxy.
When you type the netstat -r (or -a for a different view) the ip's are under the foreign address table. The ports are separated by a : . Different programs use different ports, so you can work out which ip's are from which program.
Connecting to other computers and what ports are:--

Servers send information. Clients retrieve. Simple.
Windows comes with a built in program to connect to other computers called telnet.
To start Windows telnet Start menu> Run> type Telnet. Click connect> remote system
Ports are doors into computers. Hosts are computer names
(ip number or a name that is translated into the ip automatically)
Different programs open different ports, but they always open the same ports so other computers know which port to connect to. You can get a port list listing all the different ports, but a basic one is:
11 :- Sends info on the computer
21 :- FTP (File transfer program)
23 :- Telnet (Login to the computers command line)
25 :- Smtp (Sends mail)
80 :- Http (Web pages)
There are thousands of different programs using different ports. You can get programs called port scanners which check a computer for all ports up to a certain number, looking for ways in. You can port scan a computer looking for ways-in.
Anyway, back to telnet.
Type http://www.yahoo.com as the host and port as 80 the click connect.
If nothing happens, you're in. Wow. You are connected to Yahoo's server.
You can now type http commands (you are connected to an http server, so it supports http commands). Ie. on an ftp server you can type open and it will do something. On an http server it will just wonder what the hell you are on about.
Type get / http/1.0 then press enter twice to get the file on the server at / (try /index.html) etc.)
Allowing dos and regedit in a restricted Windows

See http://blacksun.box.sk/tutorials/format....ndows.html for some very cool tactics.
A very simple tactic I found after accidentally locking myself out of dos and regedit is to open notepad and type the following:
REGEDIT4
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesWinOldApp]
"Disabled"=dword:0
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
"DisableRegistryTools"=dword:0

Save it as something.reg then run it. Simple.

Making non deletable, unreadable folders

Tested on Windows 95/98
By holding down alt, then typing numbers on the number pad (right of the keyboard) you can create special characters. If you hold down alt, then press 1, then let go, you got the ascii character 1. You try some random numbers. This goes all the way up to 255. Open a dos prompt, and type md (alt+1+9+4)some word. md is the dos command to make a directory, now try and open the directory in Windows, you can't. To open it, type ren (alt+1+9+4)some word some word (ren is the dos command to rename)

Proxies

Proxies are computers that you connect through, hiding your computer. Most aren't anonymous, they give away your ip. Some are. Good anonymous proxies: mail.uraltelecom.ru:8080 and 194.247.87.4:8080.
Different programs require different ways of using proxies. To do it in internet explorer 5 go to tools, internet options, connections, settings. In the above proxies they are in the format host:port

Password files
If you lock yourself out of Windows stuff, all passwords are stored in files called *.pwl in C:windows. In Unix, passwords are normally stored at etc/passwd. This can be viewed using the cat command (prints a file to screen): cat etc/passwd. Make sure you're passwords are shadowed (not actually in etc/passwd). Also make sure they aren't in a file called shadow, especially not in a file called etc/shadow.
Unix passwords are encrypted far better than Windows one's (to be fair, Windows 95 isn't designed for users), but can still be cracked through a program called jon.

Securing your website
Ftp Ftp is how you upload your web site, if someone finds out the password they can add/ delete anything. Brute forcing is the most common ftp attack, where a program guesses every possible combination (or from a list of words). An eight letter alpha-numeric word is almost impossible to crack, as the process is slow.
The real problem is with server side scripting. Pages other than plain html (ie. pages that perform commands on the host) are a security risk. The main problems are scripts that write to pages (guest books etc.). If when the guest book is viewed it has a .shtml extension, then it can execute commands. Eg. a malicious visitor could place
Everything happens for a reason, If you didn't make the decisions you made then. You wouldn't be who you are today.
Always Remember...
No Regrets!

Read More